There are fundamentally different issues and challenges.


As industrial operations rely more and more on networking and Internet connectivity, there is rising concern about cyber security issues and threats, especially for critical infrastructure. Clear differences have emerged in the urgency and challenge for industrial users compared to business users. Here are some of the differences between commercial and industrial cyber security.

 

Assets at Risk


Oil Refinery Off Shore

For commercial enterprises and government institutions, cyber security measures are in place to protect sensitive or competitive information and ensure the integrity of business operations. While security breaches can result in potentially significant losses, those losses are likely to be financial or informational in nature, involving theft or tampering of data from unauthorized access to computer files and systems. With industrial cyber security, actual physical assets are at risk and include things like PLCs, RTUs, and factory equipment. If critical infrastructure is involved, tampering with operation can result in immediate loss of property or even human life.

With industrial operations, security breaches have greater potential to cause physical property damage, disruption of critical infrastructure, and loss of human life.


Type of Attacker


Hacker

When security is breached with malicious intent at a place of business, financial gain is likely to be the primary motive. The theft of credit card data for 40 million Target store customers is just one example of this. With industrial control systems, there is a greater risk that disruption or destruction of operations and systems is the motive. This fear was proven credible with the discovery of the Stuxnet worm, which was designed to disrupt operations and cause damage at a nuclear facility. In late 2015, two power distribution companies in Ukraine reported that hackers had caused power outages to over 80,000 people. This lends even greater urgency to the need for specialized cyber security standards and measures for industrial users.

Cyber attacks that target industrial control systems are more likely to have disruption or destruction as their intent.


Type of Exposure


Substation


There are many well-developed cyber security measures and practices to protect business data and systems, from computer log-in policies to firewalls and encrypted traffic. Software and systems can be applied to restrict access at multiple levels by authenticating users, computers, type of traffic, allowed zones, etc. With industrial operations, communication is between devices and machines using protocols and systems that are not designed to authenticate and restrict access. Without special handling, allowing connectivity to even one device means potentially allowing access to the entire system. The risk is not only from people with malicious intent. Inadvertent communication between devices that were previously disconnected to one another can also be a major problem.

Industrial devices, machines, and protocols often do not have strong measures to authenticate and restrict access and are more vulnerable to attacks.


Level of Experience


Bottling Factory


By now, business users have had many years of experience being connected by networks and the Internet. Most companies have a well-developed understanding of the risks and losses of a security breach. The software and services that they use are regularly updated to keep up with the latest threats. This is not the case for industrial users, many of whom are still at the beginning stages of establishing connectivity across their operations. For industrial users, the need for regular updates to software and systems is not a well understood or established concept. In fact, industrial users will often purposely avoid updating their software because they have concerns that the changes will disrupt their operations in unpredictable and unanticipated ways.

Industrial users are still in the process of discovering the types of security issues that they are facing with greater network and Internet connectivity.


Physical Layout


Factory Floor


Most of us should be familiar with the type of networks used in commercial enterprise. Business is conducted in office buildings, with critical servers collected and protected in special air-conditioned rooms. The primary connected devices are PCs with human operators. PCs and servers are segmented various layers of both physical and network security, such as key card access to rooms and password access to accounts. Industrial sites are fundamentally different. Connected devices and PCs may operate continuously and autonomously with few or no human operators, in remote locations or spanning a large physical area such as a factory floor. These networks are often simple and implemented as “flat” for maximum availability, allowing any connected device or person to potentially access every device without differentiation. In addition, all equipment is in the open or in a cabinet, subject to harsh temperatures, vibration, electromagnetic interference, or even explosive gas conditions. This means that established commercial cyber security measures may not work for industrial users – new tools and practices need to be established.

Industrial networks have fundamental differences in network layout and type of connected device compared to commercial networks.


These are some of things to consider when addressing the cyber security needs of industrial users versus the cyber security needs of commercial users. It is risky to assume that existing commercial solutions and practices are enough to keep your industrial operations secure. For more details, download our white paper: Industrial Networking Security Best Practices.



Have a question about this topic? We would love to hear from you. Please feel free to contact us and one of our representatives will reach out to you with more information.


 

Related Topics


Want more info like this?



 

White Paper:
Industrial Networking Security Best Practices

Case Study: Smarter Shop Floor with Cloud-Based MonitoringWhite Paper: Industrial Networking Security Best Practices